Wireshark-dev: Re: [Wireshark-dev] Static analysis added to the buildbot

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Fri, 18 Feb 2011 10:16:44 -0800
On 2/17/11 2:14 PM, Gerald Combs wrote:
> On 2/16/11 7:22 PM, Guy Harris wrote:
>>
>> On Feb 15, 2011, at 5:33 PM, Gerald Combs wrote:
>>
>>> The trunk buildbot now has two additional buildslaves: one that runs the
>>> C/C++ code analyzer in Visual Studio 10 Premium and one that runs the
>>> Clang Static Analyzer. They are scheduled to run once a day at 9:00 PM
>>> PST (5:00 AM UTC) for the time being.
>>
>> Anybody know somebody at this "Microsoft" corporation?  We appear to be using some of their header files; somebody ought to tell them that the VS++ code analyzer's finding problems with those headers:
>>
>> c:\program files (x86)\microsoft sdks\windows\v7.0a\include\ws2tcpip.h(729) : warning C6386: Buffer overrun: accessing 'argument 1', the writable size is '1*4' bytes, but '4294967272' bytes might be written: Lines: 703, 704, 705, 707, 713, 714, 715, 720, 721, 722, 724, 727, 728, 729
>> c:\program files (x86)\microsoft sdks\windows\v7.0a\include\wspiapi.h(294) : warning C6386: Buffer overrun: accessing 'argument 1', the writable size is '1' bytes, but '1025' bytes might be written: Lines: 263, 264, 265, 267, 268, 270, 271, 273, 294
>> c:\program files (x86)\microsoft sdks\windows\v7.0a\include\wspiapi.h(236) : warning C6387: '*pptResult' might be '0': this does not adhere to the specification for the function 'WspiapiQueryDNS': Lines: 263, 264, 265, 267, 268, 270, 271, 273, 294, 296
>> c:\program files (x86)\microsoft sdks\windows\v7.0a\include\wspiapi.h(687) : warning C6387: 'argument 1' might be '0': this does not adhere to the specification for the function 'WspiapiLegacyFreeAddrInfo': Lines: 504, 505, 506, 507, 508, 509, 510, 512, 513, 514, 515, 516, 5
>> 20, 528, 532, 538, 550, 551, 555, 556, 560, 563, 568, 575, 577, 578, 589, 591, 592, 593, 596, 598, 599, 600, 604, 607, 610, 611, 627, 662, 664, 680, 685, 687
>> c:\program files (x86)\microsoft sdks\windows\v7.0a\include\wspiapi.h(481) : warning C6387: '*pptResult' might be '0': this does not adhere to the specification for the function 'WspiapiLegacyGetAddrInfo': Lines: 504, 505, 506, 507, 508, 509, 510, 512, 513, 514, 515, 516, 520, 528, 532, 538, 550, 551, 555, 556, 560, 563, 568, 575, 577, 578, 589, 591, 592, 593, 596, 598, 599, 600, 604, 607, 610, 611, 627, 662, 664, 680, 685, 687, 688, 691
> 
> It looks like this is a known bug:
> 
> http://connect.microsoft.com/VisualStudio/feedback/details/99397/warning-c6011-at-wspiapi-h-1001

The most recent Windows SDK release is 7.1:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6b6c21d2-2006-4afa-9702-529fa782d63b

Its versions of ws2tcpip.h and wspiapi.h produce the same errors.

-- 
Join us for Sharkfest ’11! · Wireshark® Developer and User Conference
Stanford University, June 13-16 · http://sharkfest.wireshark.org